Data protection policy
Boxine GmbH (as operator of the websites tonies.com, tonies.com/shop, support.tonies.com and my.tonies.com and the smartphone apps for iOS and Android) takes the protection of your personal data very seriously and is careful to ensure your privacy. We treat your personal data confidentially and in accordance with data protection legislation (particularly the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG)) and this data protection policy. To ensure that you are fully informed about the collection, use and processing of your personal data on our websites and about your rights, we ask that you take note of the information below.
Name and address of the data controller and who you can contact
The data controller for the purposes of the GDPR, other applicable data protection legislation and other data protection regulations is:
Grafenberger Allee 120
Contact: contact form
You can contact our data protection officer at:
Purpose and legal basis for the processing of your data
The use of our websites and apps for information purposes is designed to collect as little data from you as possible and is generally possible without providing any personal data. This is not the case when personal data is required for placing an order in our online shop, for creating an account in the online shop, for personalised use of the Toniecloud under my.tonies.com (Toniecloud customer accounts), in the context of customer care requests, for sending newsletters at your request or for using our general contact form or our blog. As a network-based system with a server (the Toniecloud) and clients (the Tonieboxes and Tonies with audio content), there are other processes that exchange data, without which the full use of the system is not possible. Further details about how our system works can also be found on our website.
We only collect personal data that is provided freely and to the extent that it is consistent with providing our service. If there is no statutory basis for the processing, we generally ask for your consent. You can withdraw your consent at any time. Your data is not disclosed to third parties. This does not apply to our service partners who need personal data to process your order in our online shop or in the context of customer care requests (e.g. the transport company delivering the product, the banks involved in processing the payment, our service partners for customer care/service requests or our technical support staff). In these cases, the scope of the data transferred is limited to the minimum necessary for the respective service, whereby all personal data is of course treated in strict confidence by our service partners and processed in line with the GDPR. To the extent permissible by law and taking your legitimate interests into account, address and credit details may be exchanged with a recognised external company (Schufa or Creditreform) to determine your credit score. However, we assume no liability for third parties unless explicitly mentioned.
Purposes of data processing and legal foundation
We process your personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG):
- The processing of the data entered into the registration form takes place on the basis of your consent (Article 6(1)(a) of the GDPR). The legal basis for processing data sent with an email is Article 6(1)(f) of the GDPR. If the email contact serves to enter into a contract, then Article 6(1)(b) of the GDPR provides a further legal basis for the processing.
- The processing of your personal data primarily takes place in order to perform our contractual obligations in our online shop and the Toniecloud (Article 6(1)(b) of the GDPR), to execute contracts with our customers and, possibly, to carry out pre-contractual activities in response to enquiries about our products and services.
- To the extent that you have given us your consent to process your personal data for specific purposes (e.g. newsletter distribution), processing takes place on the basis of this consent. You can withdraw your consent at any time. Any such withdrawal does not apply retrospectively and does not affect the legality of the data processed up to that point (Article 6(1)(a) of the GDPR).
- If the processing of personal data is necessary for our company to comply with a legal obligation — for example, the fulfilment of duties under tax law — the processing takes place on the basis of Article 6(1)(c) of the GDPR.
- In the course of balancing interests, if we process personal data for reasons not covered by the legal grounds mentioned above, this may be necessary to pursue a legitimate interest of our company or a third party if your interests, rights, and freedoms do not override it. This is the case, for example, if we use your personal data to advertise our products if you have not objected to this use of your data or if your data is exchanged with a recognised external company for a credit check (Schufa or Kreditreform) or to process an order (Article 6(1)(f) of the GDPR and section 7, paragraph 3, of the Act Against Unfair Competition (UWG)).
Your data protection rights
At all times, you have the following rights with regard to your personal data:
- the right to information as defined in Article 15 of the GDPR, via the contact form
- the right to rectification as defined in Article 16 of the GDPR (directly in your profile)
- the right to erasure of your data as defined in Article 17 of the GDPR (directly in your profile)
- the right to restriction of processing as defined in Article 18 of the GDPR (on the pages of the respective providers)
- the right to object as defined in Article 21 of the GDPR (in the newsletter itself and in your profile)
- the right to data portability as defined in Article 20 of the GDPR (transfer of the household in your account)
The restrictions of sections 34 and 35 of the BDSG apply to the right to information and the right of erasure. You also have the right to lodge an objection with a competent data protection authority (Article 77 of the GDPR in conjunction with section 19 of the BDSG).
Data use in detail
Below, we explain in detail how our systems use your data.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which are automatically transmitted to us by your browser. This information includes:
- browser type/version
- operating system used
- Referrer URL
- host name of the accessing computer
- time of server request
- IP address
- request authorisation
This data cannot be attributed to a specific person by us. This data is not merged with other data sources. However, we reserve the right to subsequently examine this data if we have specific indications of unlawful use. The data is needed to deliver the content of our website correctly. When we use this general data and information, we draw no conclusions about specific individuals. In fact, this data is required in order to (1) deliver the content of our websites correctly, (2) optimise the content of our websites and advertisements for them, (3) ensure the ongoing functionality of our IT systems and website technology and (4) provide law enforcement agencies with the information necessary for prosecution in the event of a cyber attack. Therefore, we evaluate this anonymous data and information for statistical purposes and in order to improve data protection and data security in our company, ultimately with a view to ensuring an optimal level of protection for the personal data we process. The anonymous data in the server log files is stored separately from all personal data provided by a data subject.
Data use – Toniebox, Tonies, Toniecloud and Toniecloud customer account
Each Toniebox is supplied with an individual client certificate that enables it to identify itself to the Toniecloud. In addition to this client certificate, a Toniebox ID has been created for each Toniebox. This Toniebox ID is also printed on the bottom of the Toniebox. When you set up the Toniebox for the first time and connect it with a new Wi-Fi network, you will be asked to enter the Toniebox ID for verification by the Toniecloud. This ensures that only authorised Tonieboxes can make contact with the Toniecloud.
The Toniebox ID is used to link the Toniebox with a Toniecloud customer account. To set up this account, you need a valid email address; you can provide other personal data (first name, surname, sex) on a voluntary basis. In addition, you must enter your Toniebox ID in order to link your Toniebox to your customer account. A Toniecloud customer account is obligatory for the use of Creative-Tonies, connections to other Toniecloud members and other functions in the Toniebox ecosystem.
When you use your Toniebox, it will try to establish a connection to the Toniecloud when being set up for the first time, when switched on, when an unknown Tonie is placed on it and when you search for new Tonie content. If the connection to the Toniecloud is successfully established, the Toniebox sends its individual client certificate, IP address and a timestamp. When Tonies and the Toniebox are used, we also receive data on operating events (Tonie placed or removed, including Tonie ID (e.g. Creative-Tonie or Stockman Tonie), volume adjustments, fast-forwarding or skipping, attaching or removing headphones, attaching or removing the charger). We use this data to keep on improving our services and products for you. The data transfers mentioned above take place anonymously, and the data is stored in server log files that we can analyse if necessary. If you contact our customer service or give the Toniebox ID in the context of a support request (e.g. because your Toniebox has a technical problem or because a Toniebox and/or a Tonie has been lost in transit), the data previously collected anonymously will be linked with any personal data provided by you. In this case, our customer service team will specifically point this out to you. This enables us to process your support request, to track down a Toniebox or Tonies lost in transit and to detect any cases of misuse or legal offences in this context and to take action against them. The linked data is erased as soon as your support request has been processed in full. In the event of a potential legal offence, we will store the data until the offence has been clarified or, if legal proceedings have been initiated, until they are completed and will only erase the data when we no longer need it as evidence or to defend our legal interests or are no longer obliged to store it by law.
If you have set up a Toniecloud customer account and linked your Toniebox with this account via the Toniebox ID, we may link your customer data with the data described above, allowing us to adapt our newsletter (if you have opted to receive it) and other advertising to you and your individual interests and so continuously improve our advertising material and its efficiency. If you do not want this, you, of course, have the opportunity to deactivate this feature in your Toniecloud customer settings.
If you upload audio files for your Creative-Tonies to the Toniecloud (via the Tonie smartphone app or our website), our server converts these files into the required audio format and then makes them available to play on the Creative-Tonies. The original files that you uploaded are erased automatically after seven days. The converted files are then stored in our Toniecloud. You can upload new files for your Creative-Tonies as often as you want; the old files are erased and replaced by the new ones. We do not store the old files, but for technical reasons, the converted files are kept for at least seven days after conversion. We reserve the right to check the uploaded files on a random basis for any breaches of applicable law (including copyright law, personality rights and competition law), applicable case law and/or public morality. If we detect any such breach, we reserve the right to delete your data from our Toniecloud and to close your Toniecloud customer account.
If you close your Toniecloud account, you have the opportunity to give another user administration rights before you leave and so enable them to keep using your Toniecloud collection. In this case, the uploaded audio files will stay in the Toniecloud although the Toniecloud customer account has been deleted.
Data use – Tonie smartphone apps and QR code on Toniebox packaging
If you use our smartphone apps, you need a Toniecloud customer account and also have to log in to the Tonie smartphone app with your email address and your password. The apps enable you to record voice messages and link them with a selected Creative-Tonie by uploading them from the smartphone to the Toniecloud using the app.
To enable you to use all the functions of our apps, they have to access various functionalities and data. For this purpose, we collect the data listed below. In order to gain access to all the features of the apps, you must grant us the rights to collect the needed data (declaration of consent according to Article 6(1)(a) of the GDPR). We only ask for the rights that are actually necessary for this use. Please note that you cannot use all the functions of our apps until you have given us all the rights.
The apps use the following data:
- audio recordings, tracks uploaded to the cloud
- customer data for verification
- Toniebox name
The apps are accessed for the following purposes:
- authenticate and access accounts on the device and their use
- transfer of photos/media/files as part of the agreed use of the app
- microphone to record audio files
- network access to display network connections
- stopping device from entering sleep mode
- changing audio settings
Newsletter and marketing emails
If you would like to receive our newsletter by email, we will need your email address. You can also provide your first name, surname and sex on a voluntary basis. No other data is collected. We use this data exclusively to send the requested information and do not forward it to third parties.
We carry out statistical analysis of the information sent. This includes information about whether the newsletter was opened or not and which links were clicked. Although it is technically possible to attribute this information to the individual recipients of newsletters, this is not the processing purpose of our analytics. Rather the analysis helps us to identify the reading patterns of our users and adapt our content to them or to send different content to individual users depending on their interests.
You may withdraw consent for the storage of data and the email address and their use to send the newsletter at any time via the ‘Unsubscribe’ link in the newsletter.
We need your personal data to process your order in our online shop. This means we need your title, name, surname, email address, delivery address, invoice address and – on a voluntary basis – your telephone number for any queries about your order. If you want to set up a customer account with us, we will store your personal data so that you do not have to enter it for every new order – this saves you time and avoids typing errors. In addition, it gives you personal access to your order history and lets you define individual user settings if you wish. When you set up a customer account in the shop, the following personal data is stored: title, surname, name, email address, delivery address, invoice address, payment type (preset for the first purchase), telephone number (voluntary, for queries about your order) and your chosen password.
On our website tonies.com, we enable users to comment on our Tonie blog posts. If you make use of this feature, your comments will be stored and published along with the date and time the comment was posted and your chosen username or pseudonym. The IP address issued to you by your Internet service provider is also logged. We also ask for your email address, which we store but do not publish. This personal data is recorded for security reasons and in case your comments infringe on third-party rights or constitute unlawful posts. Storing this personal data may enable us to exonerate ourselves in the event of any legal infringements. We do not forward your personal data to third parties unless we are obliged to do so by law or we are entitled to do so in our defence.
customer service - telephone
When you call our customer service line, your telephone number, your email address and any other information you give to our customer service team are recorded, stored and analysed in order to process your request and to improve our products and service quality. To the extent that you have to provide your Toniebox ID in order for us to respond to your request, the data on operating events, which was previously stored anonymously, can be linked with the personal information you provide. In this case, however, the customer service staff will notify you about such a link beforehand, and you of course have the opportunity to decline this at any time.
Customer service via the contact form
If you send us a request via the contact form, your data from the request form – including the personal data provided voluntarily (e.g. your name and email address) – will be automatically stored by us until the matter has been settled in order to process the request and any further questions. Of course, we do not pass on this data without your consent.
Some of the cookies used by us are so-called session cookies. They are automatically deleted after the end of your visit. Other cookies remain on your device until you delete them; these cookies allow us to recognise your browser the next time you visit one of our websites and so make our websites user-friendlier. During this process, cookies store and transmit the following data in particular: items in the shopping basket and log-in information.
The table below provides a list of the cookies:
| Cookie name | First- or third-party-provider cookie | Description/function | Standard expiry time |
| - | - | - | - |
_tonies_wl | Boxine | Displays personal wish list in shop (tonies.com) | never |
| local storage | Boxine | Stores personal data on the device within the system (is not disclosed to third parties) | never |
PHPSESSID | Boxine | Maintains user session variables and keeps contact between pages | 2 days |
_fbp | Facebook | Displays a large number of adverts, including real-time offers from third-party providers | 3 months |
_fr | Facebook | Encrypted Facebook and browser ID optimises advertising | 3 months |
_ga | Google | Enables website statistics and optimisation of website functionalities | 2 years |
_gat | Google | Is used by Google Analytics to limit request ratio | 4 days |
_gcl_au | Google | Enables website statistics and optimisation of website functionalities | 3 months |
_gid | Google | Registers a unique ID to generate statistical information about how the visitor uses the website | 1 day |
_cfduid | Zendesk | Makes it possible to contact or use the help function of a website | 1 year |
_help_center_session | Zendesk | Helps the Zendesk Guide in the current session | never |
_zendesk_session | Zendesk | Contains session information for root access applications | never |
_zendesk_shared_session | Zendesk | Contains session information for joint use in Zendesk applications | never |
Third-party tools on our websites and smartphone apps
Data protection policy for the use of Facebook plug-ins (Like button)
Plug-ins for the social network Facebook – provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA – are integrated on our website. Facebook plug-ins can be identified by the Facebook logo or the ‘Like’ button on our website. An overview of Facebook plug-ins can be found here. If you live outside the USA or Canada, the controller for the processing of personal data is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
When you visit our website, the plug-in establishes a direct connection between your browser and the Facebook server. This notifies Facebook that you have visited our website via your IP address. If you click the Facebook ‘Like’ button whilst logged into your Facebook account, you can link the content on our website with your Facebook profile. This enables Facebook to attribute the visit to our website to your user account. Please note that we, as the provider of the website, have no knowledge of the content of the transmitted data or how it is used by Facebook. Further information about how Facebook collects, processes and uses personal data and about the privacy protection settings can be found in the Facebook data protection policy.
If you do not want Facebook to associate your visit to our website with your Facebook account, please log out of Facebook before you visit our website.
Data protection policy for the use of Facebook’s Website Custom Audiences
The Website Custom Audiences pixel from the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA, is also used on our website. It uses a tracking pixel to identify website visitors.
This tracking pixel establishes a direct connection between your browser and the Facebook server when you visit our websites. This notifies Facebook that you have visited our website via your IP address. Facebook can attribute your visit to our website to your user account and will use this information to personalise Facebook adverts (the legitimate interest here within the meaning of Article 6(1)(f) of the GDPR is to optimise the customer experience). Please note that we, as the provider of the website, have no knowledge of the content of the transmitted data or how it is used by Facebook.
For further information, please refer to the Facebook data protection policy. You can of course also deactivate data collection by Custom Audiences. To do so, please click on this link. If you live outside the USA or Canada, the controller for the processing of personal data is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Data protection policy for the use of Google Analytics
If IP anonymisation is active on this website, Google will truncate your IP address in advance and within the EU member states or other states party to the Agreement on the European Economic Area. Your full IP address will only be transmitted to a Google server in the USA and truncated there in exceptional cases. Google uses this information on behalf of the website operator to evaluate your use of the website, compile website activity reports and provide further services associated with the use of the website in particular and the Internet in general to the website operator. The IP address transmitted by your browser for the purposes of Google Analytics will not be merged with other data held by Google.
You can prevent cookies from being stored on your device by changing the relevant setting in your browser software; please note that you may not be able to use all of this website’s functions if you have deactivated cookies. You can also prevent Google from logging data generated through cookies and your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available via this link.
Further information and Google’s current data protection policy (with information about the collection, processing and use of personal data by Google and your privacy options) can be found here and here. For more details about Google Analytics, see this link.
Data protection policy for the use of Instagram
Our websites use plug-ins from the social network Instagram, which is operated by Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA 94025, USA. You can recognise the Instagram plug-in by the Instagram button on our website. If you click on the Instagram button while you are logged in to your Instagram account, the content of our website can be linked to your Instagram profile. This enables Instagram to attribute the visit to our website to your user account. Please note that we, as the provider of the website, have no knowledge of the content of the transmitted data or how it is used by Instagram. If you do not want this information to be transferred to Instagram, you can prevent it by logging out of your Instagram account before accessing our websites. Further information about this and about the collection, processing and use of personal data by Instagram can be found in the Instagram data protection policy.
Data protection policy for the use of LaunchDarkly
The website my.tonies.com uses a plug-in from the feature-flagging tool LaunchDarkly, which is operated by Catamorphic Co. DBA LaunchDarkly, 1714 Franklin Street, Suite 100–140, Oakland, CA 94612, USA. LaunchDarkly enables us to activate or deactivate features for individual users and/or user groups. Once you have successfully logged in to the Toniecloud, your browser establishes a secure connection to the LaunchDarkly servers. The plug-in sends log data to the LaunchDarkly server in Canada. This log data may include your IP address, the address of the website visited and your email address.
Further information about how LaunchDarkly collects, processes and uses personal data and about your rights and privacy protection settings can be found in the LaunchDarkly data protection policy.
Data protection policy for the use of Pinterest
On our website we use social plug-ins from the social network Pinterest, which is operated by Pinterest Inc., 635 High Street, Palo Alto, CA 94301, USA (‘Pinterest’). When you access a page that contains such a plug-in, your browser establishes a direct connection to the Pinterest servers. The plug-in then sends log data to the Pinterest servers in the USA. These log data may include your IP address, the address of the websites visited that also contain Pinterest functions, the browser type and settings, request date and time, how you use Pinterest and cookies.
Further information about how Pinterest collects, processes and uses personal data and about your rights and privacy protection settings can be found in the Pinterest data protection policy.
Data protection policy for the use of Piwik PRO
Further information and Piwik PRO’s current data protection policy (with information about the collection, processing and use of personal data by Piwik PRO and your privacy options) can be found here. For more details about Piwik PRO, see https://piwik.pro/.
Data protection policy for the use of Twitter
Functions of the service Twitter are integrated into our website. These features are provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the ‘Retweet’ feature, the websites you visit are linked to your Twitter account and become available for other users to see. In this context, data is also transmitted to Twitter. Please note that we, as the provider of the website, have no knowledge of the content of the transmitted data or how it is used by Twitter.
Further information about this and about the collection, processing and use of personal data by Twitter can be found in the Twitter data protection policy.
You can change your privacy settings on Twitter in your account settings. If you do not want this information to be transferred to Twitter, you can also prevent it by logging out of your Twitter account before accessing our websites.
Data protection policy for the use of Zendesk
To handle customer requests made to the customer service, we use the ticketing system Zendesk – a customer service platform from Zendesk Inc., 989 Market Street #300, San Francisco, CA 94102, USA. This entails logging necessary data such as your name and email address via our website.
Further information about data processing by Zendesk can be found in the Zendesk data protection policy and on the company’s page about EU data protection. If you have any questions, you can also contact the Zendesk data protection officer directly at email@example.com.
When you send the form, the data is sent to our Zendesk ticketing system and is only used to process your request. The data provided is treated confidentially. Once the request has been processed, the data is archived by Zendesk for documentation purposes; it is not forwarded to third parties for advertising purposes.
Disclosure of personal data outside our company to supply your purchase in our online shop
For the purposes of performing the contract, the personal data we collect is forwarded to any transport company charged with delivering the goods. We forward your payment data to the bank concerned for the purposes of payment processing.
For payments with PayPal, we forward your payment data for the purposes of payment processing to PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22–24 Boulevard Royal, L-2449 Luxembourg (PayPal). By selecting the payment option ‘PayPal’, you consent to the transfer of personal data necessary for payment processing. This generally includes your name, surname, address, email address, IP address, phone number, mobile phone number, or other data necessary to process your payment and order. The purpose of the data transfer is payment processing and fraud prevention. Other data protection information, including the information files used by PayPal and your rights as a data subject, can be found in the PayPal data protection policy.
If you decide to pay with a credit/debit card from Visa or Mastercard, the payment processing is carried out by HUELLEMANN & STRAUSS ONLINESERVICES S.à.r.l., 1, Place du Marché, L-6755 Grevenmacher, R.C.S. Luxembourg B 144133. By selecting these payment options, you consent to the transfer of the personal data necessary for payment processing.
Duration of storage of personal data
We only process and store your personal data for as long as necessary to meet our contractual and statutory obligations. When the purpose of storage no longer exists, your personal data is generally erased by us unless its continued temporary processing is necessary to meet retention obligations under commercial and tax law or to preserve documentary evidence for the statute of limitations.
Protection of personal data
We strive to take appropriate measures to ensure the security, integrity and confidentiality of the information you provide. For this reason, we have set up technological security strategies intended to protect the personal information we have collected about you. In addition, we take security measures as required by applicable data protection legislation. During the order process and in the Toniecloud, your personal data is transferred in encrypted form using SSL via the Internet. We take technical and organisational measures to secure our websites and other systems against the loss, destruction, access, modification or dissemination of your data by unauthorised parties.
Access to your customer account in the online shop and the Toniecloud is only possible by entering your personal password; the same applies to the Tonie smartphone app. You should keep your access information secret at all times and close the browser window when you have finished communicating with us – particularly if you share your desktop, tablet computer or smartphone with other people.
You can apply to work at our company by email too. Of course, we will only use your data to process your application and will not disclose it to third parties. Please note that unencrypted emails are not secure against unauthorised access. We only collect and process the personal data of job applicants for the purpose of the application process. If we sign an employment contract with an applicant, the data sent is stored in accordance with applicable legislation for the purpose of processing the employment contract. If we do not sign an employment contract with an applicant, we will erase the job application data automatically two months after communicating the rejection unless we have any other legitimate interest in not doing so (e.g. obligation to provide evidence in any proceedings under the German General Act on Equal Treatment (AGG)).